Problem to solve
I want to automate the upload of a file into a Gitlab repository using the GraphQL API - more specifically the commitCreate mutation (GraphQL API resources | GitLab).
The request payload looks like this:
COMMIT_CREATE_MUTATION = """
mutation($projectPath: ID!, $branch: String!, $message: String!, $actions: [CommitAction!]!) {
commitCreate(input: {
projectPath: $projectPath,
branch: $branch,
message: $message,
actions: $actions
}) {
commit {
id
}
errors
}
}
"""
payload = {
"query": COMMIT_CREATE_MUTATION,
"variables": {
"projectPath": project_path,
"branch": branch,
"message": f"docs: upload {file_name}",
"actions": [
{
"action": "CREATE",
"filePath": f"export/{file_name}",
"content": csv_stream
}
]
}
}
It works perfectly fine using the graphql-explorer (using my cookie) but not with my personal token.
Other GraphQL requests (e.g. fetching vulnerabilities via GraphQL query) work perfectly fine with that same personal token passed as Authorization header (bearer token).
The token has the following scopes: api, read_repository and write_repository.
I expect I should be able to upload a file as a commit with that token, but I get this error response:
{
'message': "The resource that you are attempting to access does not exist or you don't have permission to perform this action",
'locations': [{'line': 3, 'column': 7}],
'path': ['commitCreate']
}
Steps to reproduce
- Create personal access token
- Submit commitCreate mutation via http request and try to upload a file
Expected: works
Result: error above
Checked docs - apparently no additional scopes necessary for GraphQL mutations.
Configuration
Provide screenshots from the GitLab UI showing relevant configuration, if applicable.
On self-managed instances, add the relevant configuration settings or changes.
Versions
Please select whether options apply, and add the version information.
- Self-managed
- GitLab.com SaaS
Versions
- GitLab Enterprise Edition v17.0.2-ee